Tag: Privacy

The change, to curtail access to the Canvas API, is incremental and likely to be limited in how it is visible to regular users. However it signals some progress in a collaboration with the Tor project to incorporate code and ideas that benefit the privacy features of Firefox and Tor Browser. The Register’s write up includes a pretty good explainer on fingerprinting and why finding ways to mitigate it is important.Read More …

According to The Register, the US Deputy Attorney General is now saying that technology companies don’t need to install back doors in their encryption–provided they can reveal plain text of all secure communications on demand. Entirely misses the point.Read More …

Why is this still a thing? There is no such thing as encryption only law enforcers can bypass. The math and computer science on this is pretty well settled, not to mention the terrifying unintended consequences that would be unleashed should the FBI should get its wish. Thankfully, EFF is still on top of this, as Kurt Opsahl does the usual solid analysis taking this to task and taking it apart.Read More …

Sean Gallagher at Ars does an admirable job of breaking down a security topic, threat modeling, that doesn’t get much attention outside of research and professional circles. This piece is a long read but well worth it, both to understand the tecnique and for all the references and practical advice.Read More …

Nitasha Tiku at Wired has a fascinating look at a potential shift in competition law with regards to technology, fueled by trends in privacy and big data. Lina Khan, a former colleague of mine, is quoted extensively, offering some very sharp opinions and questions. Well worth a read.

Mike Loukkides defines defensive computing through a few examples and more importantly argues in broad strokes why we need it. Definitely bolsters my argument that neither technology nor policy on their own are sufficient to defend our online interests, such as privacy. We need smart technology that deals with the actual realities of how networks work and smart policy that shores up our expectations with strong accountability.

The Hill has the details of Blackburn’s bill which are exactly what the right said they wanted when they repealed the FCC’s pending privacy rules. Worth noting is that this would apply to ISPs and content companies alike along with moving oversight and enforcement to the FTC. No idea if this will shore up the FTC’s authority but the concern I have is its track record in this space, which is not great, and the fact that it traditionally has had far fewer staff technologists to help with efforts like these than the FCC.

I stopped using Thunderbird some time ago in favor of the email client that is part of my Linux distribution. I recognize the importance of Thunderbird given how webmail has generally erode the ability for regular folks have to have secure and confidential email correspondence. I am glad to see the project find new footing and a means to sustain.

I submit that this trend of revealing private online activity through second and third order effects, like fingerprinting network packet headers as described in this research, is why we still need to push for better privacy norms and regulations. There is never likely to be a perfect privacy solution, we’ll always need some reasonable expectations and legal protections as well.

Categories

Endorsements

"[T]houghtful, informative, and deep, a real plunge into the geeky end of the news-pool. There's great analysis and rumination, as well as detailed explanations of important security issues with common OSes and so on." -- Cory Doctorow